This document is intended to be a method of information for web sites taking part (or wishing to take part) in the TE Command Post service. Outlined below will be how the TE Command Post service communicates with your web site(s), the data TE Command Post collects, and the security of that data.
The TE Command Post service will never "scrape" or grab any contents or data off or from your web site(s). We will only collect data from your web site(s) if you have one of our TE Command Post service scripts installed on your server. Installation of this script binds an agreement that you allow us to use this script (methods defined below) to collect data from your web sites(s) for use in the TE Command Post service. You are free to uninstall this script at any time if you no longer wish to participate in the TE Command Post service.
The TE Command Post service will communicate with your installed script by using normal POST and GET parameters, as used on every web site with a form or data query string.
It basically works like this: A request is made from the TE Command Post server to your installed script. Your script then generates output. The TE Command Post server then reads and parses this response.
When a member of the TE Command Post service requests that your web site(s) be added to their "TE Command Post", we will ask them to provide their login details to your web site(s). We do not, nor will not, store provided passwords anywhere. When the login details are provided, TE Command Post will send the login details to your script. Your script then sends back a valid or invalid response to validate this user's credentials at your site. The password is immediately discarded after validation.
When a TE Command Post user successfully validates their login credentials at your web site(s), they will not be asked to supply them again by TE Command Post. We mark the users account as validated.
The data collected by the TE Command Post service for any particular user from your installed script will be: assigned credit totals, unassigned credit totals, urls, credits assigned to those urls, assigned banner impression totals, unassigned banner impression totals, banners, impressions assigned to those banners, assigned text link impression totals, unassigned textlink impression totals, text links, impressions assigned to those textlinks, commission balance, and minimum commission payout threshhold. If a particular web site does not have data for one these statistics, that data may be omitted from the scripts output.
Periodically TE Command Post users will have their data from your web site(s) updated. This is pretty straight forward and is exactly as descripted in the script communication section. Users of the TE Command Post service who hold upgraded accounts will have their data updated automatically once per day at 3:00 AM US EST (GMT -5).
Every request we send to your web site(s) TE Command Post script includes an additional parameter that is called a hash. This hash is generated by the TE Command Post server (using a shared key) and then regenerated on your server (using the same shared key - which is not transmitted). The script then checks that the hashes match each other and invalidates the request if they do not match. This hash will be 32 alpha-numeric characters in length and provides 128 bit security.
In short, this virtually guarantees that requests cannot be successfully tampered with by a third party to collect information from your installed script.